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IN THE CLAIMS 
Please amend the claims as follows: 

Claim 1 (Currently Amended): A gateway device for carrying out a datr apacket 
relaying at a transport or upper layer between a first t e nninal sender device and a s e cond 
tenninal destination device which are capable of carrying out communications through 
networks with giiarantood data secrecy based on a security association set up therebetween, 
the gateway device comprising: 

a security information management unit configured to obtain and manage information 
regarding a the security association; 

a data receiving unit configured to receive encrypted datu a first packet which includes 
a first header and an encrypted packet from the tlrst ternxinal d e vice or the second 
tenninal sender device; 

a data decryption unit configured to obtain decrypted data by decrypting the encrypt e d 
dat adecrvpt the encrypted packet to obtain a second packet including a second lieader and 
data by utilizing the information regarding the security association and to check a destination 
address included in a header of the d0cr>ptod data at a time of rela>dng the communications 
with guarant e ed data G c crecy betwe e n the first t e nninal devic e and the second t e nminal 
deviee the second header ; 

a data packet relay unit configured to carry out the dat apacket relaying at the transport 
or upper layer according to the decrypt e d dat a second header ; 

a data encryption unit configured to encrypt data to be transmitted fi'om th e gateway 
devie ethe second packet to obtain an encrypted second packet by utilizing the information 
regarding the security association, no n e w d e stination addr e ss header being newly attached to 
the data to be transmitted encrvpted second packet ; and 
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a data transmitting unit configured to transmit the encrypted data encrypted by the 
data encryption imit second packet with attachin^^: the first header to the second tentiinal 
d o vic Q or the first t e rminal destination device. 

Claim 2 (Currently Amended): The gateway device of claim 1, wherein the gateway 
device carries out the data packet relaying between the first tenninal sender device which is a 
radio terminal device accommodated in a radio network and the s e cond t e rminal destination 
device which is a wired terminal device accommodated in a wired network. 

Claim 3 (Currently Amended): The gateway device of claim 1, wherein the security 
information management unit manages the information regarding the security association 
which is provided firom the first tenninal device or the s e cond tenninal sender device. 

Claim 4 (Currently Amended): The gateway device of claim 1, wherein the security 
information management unit manages the information regarding the security association 
which is provided fi-om a security server for managing security of the data at a time of 
carrying out the communications of the data of the transport or upper layer between the fes* 
tenninal sender device and the s e cond temiinal destination device. 



Claim 5 (Currently Amended): The gateway device of claim 1, wherein the security 
information management unit manages the information regarding the security association 
which is generated by a security server for managing security of the-data and distributed fi:-om 
the security server to the first t e nninal sender device and the s e cond terminal destination 
device. 
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Claim 6 (Currently Amended): The gateway device of claim 1, wherein the security 
information management unit manages the information regarding the security association 
which is retrieved from a database by a security server for managing security of the-data by 
using a retrieval key provided with respect to the first t e nnina] sender device and the second 
tenninal destination device. 

Claim 7 (Currently Amended): The gateway device of claim 1, wherein the fe&t 
t e nninal sender device is a mobile terminal device, and the gateway device further comprises: 

a handoff control unit configured to transfer the information regarding the security 
association to a next gateway device when the fifs tmobile terminal device moves from an 
area covered by the gateway device to an area covered by the next gateway device, and to 
control an operation of the gateway device according to the information regarding the 
security association which is transferred from a previous gateway device when the first mobile 
terminal device moves from an area of the previous gateway device to an area covered by the 
gateway device. 

Claim 8 (Original): The gateway device of claim 7, wherein the handoff control unit 
controls the operation of the gateway device also according to a state of the transport or upper 
layer. 

Claim 9 (Currently Amended): The gateway device of claim 1, ftirther comprising: 
a processing unit configured to obtain decapsulated data packet by decapsulating 
encapsulated dat apacket received from the first terminal d e vice or the second terminal sender 
device, judge whether the dat apacket relaying at the transport or upper layer is necessary or 
not according to the decapsulated data packet , control the data relay unit to carry out the data 
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relaying at the transport or upper layer when the data relaying at the transport or upper layer 
is judged as necessary, and encr>pt data to be transmitted from tho gateway 
d:ev4e6 encapsulate the decapsiilated packet . 

Claim 10 (Currently Amended): A gateway device for carrying out a data packet 
relaying at a transport or upper layer between a first terminal sender device and a second 
terminal desti nation device which are capable of carrying out communications through 
networks with guaranteed data authenticity based on a security association set up 
therebetween, the gateway device comprising: 

a security information management unit configured to obtain and manage information 
regarding a the security association; 

a data receiving unit configured to receive dat aa packet including a header and data 
from the tirst terminal device or the second tcrminal sender device; 

a data packet relay unit configured to carry out the dat apacket relaying at the transport 
or upper layer according to the received dat ah eader ; 

an authentication information attaching unit configured to attach authentication 
information to dat athe received packet to be transmitted firom the gateway device by utilizing 
the information regarding the security association; and 

a data transmitting unit configured to transmit the data received packet with the 
authentication information to the s e cond terminal d e vic e or the first t e rminal destination 
device. 

Claim 1 1 (Currently Amended): The gateway device of claim 10, wherein the 
gateway device carries out the data packet relaying between the first t e rminal sender device 
which is a radio terminal device accommodated in a radio network and the second 
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temiinal destination device which is a wired terminal device accommodated in a wired 
network. 

Claim 12 (Currently Amended): The gateway device of claim 10, wherein the 
security information management unit manages the information regarding the security 
association which is provided from the first terminal devic e or tli e second t e rminal sender 
device. 

Claim 13 (Currently Amended): The gateway device of claim 10, wherein the 
security information management unit manages the information regarding the security 
association which is provided from a security server for managing security of tfee-data at a 
time of carrying out the connmunications of the data of the transport or upper layer between 
the frrst tenninal sender device and the second temiinal destination device. 



Claim 14 (Currently Amended): The gateway device of claim 10, wherein the 
security information management unit manages the information regarding the security 
association which is generated by a security server for managing security of th«-data and 
distributed from the security server to the first terminal sender device and the second 
terminal destination device. 

Claim 15 (Currently Amended): The gateway device of claim 10, wherein the 
security information management unit manages the information regarding the security 
association which is retrieved from a database by a security server for managing security of 
the-data by using a retrieval key provided with respect to the first terminal sender device and 
the second terminal destination device. 
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Claim 16 (Currently Amended): The gateway device of claim 10, wherein the ffet 
t e rminal sender device is a mobile terminal device, and the gateway device further comprises: 

a handoff control unit configured to transfer the information regarding the security 
association to a next gateway device when the fipst mobile terminal device moves from an 
area covered by the gateway device to an area covered by the next gateway device, and to 
control an operation of the gateway device according to the information regarding the 
security association which is transferred from a previous gateway device when the fest mobile 
terminal device moves from an area of the previous gateway device to an area covered by the 
gateway device. 

Claim 17 (Original): The gateway device of claim 16, wherein the handoff control 
unit controls the operation of the gateway device also according to a state of the transport or 
upper layer. 

Claim 18 (Currently Amended): The gateway device of claim 10, further comprising: 
a processing unit configured to obtain decapsulated data packel by decapsulating 
encapsulated data packet received from the first tenninal device or the second teiminal sender 
device, judge whether the dat apacket relaying at the transport or upper layer is necessary or 
not according to the decapsulated dat apacket , control the data relay unit to carry out the data 
relaying at the transport or upper layer when the data relaying at the transport or upper layer 
is judged as necessary, and encrypt data to be transmitted from the gateway 
deviee encapsulate the decapsulated packet . 
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Claim 19 (Currently Amended): A method for carrying out a data packet relaying at a 
transport or upper layer in a gateway device between a first terminal sender device and a 
second t e nninal destination device which are capable of carrying out communications through 
networks with guarant e ed data secrecy based on a security association set up therebetween, 
the method comprising; 

obtaining and managing information regarding a security association; 

receiving o ncr\pted data data first packet which includes a first header and an 
encrypted packet firom the first tenninal device or the second terminal s^ider device; 

nhrnining Hftr.rypted data by decrypting the encrypt e d dat a decrvpting the encrypted 
packet to obtain a second packet including a second header and data by utilizing the 
information regarding the security association and checking a destination addres s included in 
a header of th e decrypt e d data at a time of relaying the communications with guaranteed data 
r.c^^rrf^c.y hc^tween the firr.t terminal device and the second terminal device the second header ; 

carrying out the data packet relaying at the transport or upper layer according to the 
decrypt e d data second header ; 

encrypting data to be transmitted frorn the gateway device the second packet to obtain 
an encrypted second packet by utilizing the information regarding the security association, no 
new deGtination address header being newly attached to the data to be transmitted e ncrypted 
second packet ; and 

transmitting the encrypted dat asecond packet with attaching the first header to the 
second t e nninal d e vic e or the first terminal destination device. 

Claim 20 (Currently Amended): A method for carrying out a data packet relaying at a 
transport or upper layer in a gateway device between a first t e rminal sender device and a 
second terminal destination device which are capable of carrying out communications through 
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networks with guaranteed data authenticity based on a security association set up 
therebetween, the method comprising: 

obtaining and managing infomiation regarding a the security association; 

receiving dat adata packet including a header and data from the first tenriinal devic e or 
the second tenninal sender device; 

carrying out the data packet relaying at the transport or upper layer according to the 
received dat a header ; 

attaching authentication information to data the received packet to be transmitted from 
the gateway device by utilizing the information regarding the security association; and 

transmitting the dat areceived packet with the authentication information to the second 
terminal devic e or the first terminal destination device. 

Claim 21 (Currently Amended): A computer usable medium having computer 
readable program codes embodied therein for causing a computer to function as a gateway 
device for carrying out a dat apacket relaying at a transport or upper layer between a fest 
torminal sender device and a s e cond teiTninal destination device which are capable of carrying 
out communications through networks with guarant e ed data secrecy based on a security 
association set up therebetween, the computer readable program codes include: 

a first computer readable program code for causing said computer to obtain and 
manage information regarding a security association; 

a second computer readable program code for causing said computer to receive 
encrvpted data a first packet wliich includes a first header and an encrypted packet from the 
first t e nriinal devic e or th e s e cond t e rminal sender device; 

a third computer readable program code for causing said computer to obtain decrypted 
data by docryptine the encrvpted dat a decrvpt the encrypted packet to obtain a second packet 
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including a second header and data by utilizing the information regarding the security 
association and to check a destination addrcos includod in a header of the decrypted data at a 
tim e of r e laying th e communication s with guaranteed data s e crecy b o tw o on th e first terminal 
d e vice and th e second terminal d e vic e the second header ; 

a fourth computer readable program code for causing said computer to carry out the 
data packet relaying at the transport or upper layer according to the docryptod dat a second 
header ; 

a fifth computer readable program code for causing said computer to encrypt data to 
h & tran r ,mitt e d from the gateway device the second packet to obtain an encrypted second 
packet by utilizing the information regarding the security association, no new destination 
ad^Fessheader being newly attached to the data to b e tranGmitted encrvpted second packet ; and 

a sixth computer readable program code for causing said computer to transmit the 
encrypted dat asecond packet with attaching the first header to the second terminal device or 
tli e first ternunal destination device. 

Claim 22 (Currently Amended): A computer usable medium having computer 
readable program codes embodied therein for causing a computer to function as a gateway 
device for carrying out a data packet relaying at a transport or upper layer between a fest 
terminal sender device and a Gccond tcrminal destination device which are capable of carrying 
out communications through networks with guarant e ed data authenticity based on a security 
association set up therebetween, the computer readable program codes include: 

a first computer readable program code for causing said computer to obtain and 
manage information regarding the security association; 
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a second computer readable program code for causing said computer to receive dataa 
packet including a header and data from the first terminal device or the second tcmiinal sgnder 
device; 

a third computer readable program code for causing said computer to carry out the 
data packet relaying at the transport or upper layer according to the roceived data header ; 

a fourth computer readable program code for causing said computer to attach 
authentication information to dat athe recei ved packet to be transmitted from the gateway 
device by utilizing the information regarding the security association; and 

a fifth computer readable program code for causing said computer to transmit the 
data rcceived packet with the authentication information to the s econd t e rminal device or the 
first t e rminal destination device . 

Claim 23 (New): A gateway device for carrying out a packet relaying at a transport or 
upper layer between a sender device and a destination device which are capable of carrying 
out coromunications through networks with guarante e d data secrecy based on a security 
association set up therebetween, the gateway device comprising: 

a security information management unit configured to obtain and manage information 
regarding the security association; 

a data receiving unit configured to receive a first packet which includes a first header 
and an encrypted packet from the sender device; 

a data decryption unit configured to decrypt the encrypted packet to obtain a second 
packet including a second header and data by utilizing the information regarding the security 
association and to check the second header; 

a packet relay unit configured to carry out the packet relaying at the transport or upper 
layer according to the second header; 
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a data encryption unit configured to receive the second packet directly firom the 
decryption unit and encrypt the second packet to obtain an encrypted second packet by 
utiUzing the information regarding the security association; and 

a data transmitting unit configured to transmit the encrypted second packet with 
attaching the first header to the destination device. 
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